Linux Fu: Sharing Your Single WiFi

February 22, 2023 by Al Williams 25 Comments

If you are trying to build a router or access point, you’ll need to dig into some of the details of networking that are normally hidden from you. But, for a normal WiFi connection, things mostly just work, even though that hasn’t always been the case. However, I ran into a special case the other day where I needed a little custom networking, and then I found a great answer to automate the whole process. It all comes down to hotel WiFi. How can you make your Linux laptop connect to a public WiFi spot and then rebroadcast it as a private WiFI network? In particular, I wanted to connect an older Chromecast to the network.

Hotel WiFi used to be expensive, but now, generally, it is free. There was a time when I carried a dedicated little box that could take a wired or wireless network and broadcast its own WiFi signal. These were actually fairly common, but you had to be careful as some would only broadcast a wired network connection. It was more difficult to make the wireless network share as a new wireless network, but some little travel routers could do it. Alternatively, you could install one of the open router firmware systems and set it up. But lately, I haven’t been carrying anything like that. With free WiFi, you can just connect your different devices directly to the network. But then there’s the Chromecast and the dreaded hotel login.

Continue reading “Linux Fu: Sharing Your Single WiFi” →

All About USB-C: Replying Low-Level PD

February 22, 2023 by Arya Voronova 31 Comments

Last time, we configured the FUSB302 to receive USB PD messages, and successfully received a “capability advertisement” message from a USB-C PSU. Now we crack the PD specification open, parse the message, and then craft a reply that makes the PSU give us the highest voltage available.

How did the buffer contents look, again?

>>> b
b'\xe0\xa1a,\x91\x01\x08,\xd1\x02\x00\x13\xc1\x03\x00\xdc\xb0\x04\x00\xa5@\x06\x00<!\xdc\xc0H\xc6\xe7\xc6\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'

The zeroes at the end might look non-significant, and they indeed are not with 99.99% certainty – that said, don’t just discard the entire tail end; one of the bytes in the beginning encodes the length of the message. We’ll read those bytes first, and then read only exactly as much as we need, making sure we aren’t reading two messages and interpreting it as one, and that we’re not discarding zeroes that are part of the message.

Today, we will write code that parses messages right after reading them from the FIFO buffer – however, keep this message handy for reference, still; and if you don’t have the hardware, you can use it to try your hand at decoding nevertheless. If you wanna jump in, you can find today’s full code here!

Continue reading “All About USB-C: Replying Low-Level PD” →

Retro Gadgets: Make Your Scope Dual Channel

February 21, 2023 by Al Williams 32 Comments

We live in a time when having an oscilloscope is only a minor luxury. But for many decades, a good scope was a major expense, and almost no hobbyist had a brand new one unless it was of very poor quality. Scopes were big and heavy and, at the price most people were willing to pay, only had a single channel. Granted, having one channel is better than having nothing. But if the relative benefit of having a single channel scope is 10 points, the benefit of having two channels is easily at least 100 points. So what was a poor hacker to do when a dual-trace or higher scope cost too much? Why, hack, of course. There were many designs that would convert a single trace scope into a poor-quality multichannel scope. Heathkit made several of these over the years like the ID-22, the ID-101, and the ID-4101. They called them “electronic switches.” The S-2 and S-3 were even earlier models, but the idea wasn’t unique to Heathkit and had been around for some time.

For $25, you could change your scope to dual trace!

There were two common approaches. With alternative or alt mode, you could trigger a sync pulse and draw one trace. Then trigger again and draw the second trace with a fixed voltage offset. If you do this fast enough, it looks like there are two traces on the screen at one time. The other way is to rapidly switch between voltages during the sweep and use the scope’s Z input to blank the trace when it is between signals. This requires a Z input, of course, and a fast switching clock. This is sometimes called “chopper mode” or, simply, chop. This wasn’t just the realm of adapters, though. Even “real” analog scopes that did dual channels used the same methods, although generally with the benefit of being integrated with the scope’s electronics.

Continue reading “Retro Gadgets: Make Your Scope Dual Channel” →

SUPERCON 2022: Kuba Tyszko Cracks Encrypted Software

February 21, 2023 by Dave Rowntree 5 Comments

[Kuba Tyszko] like many of us, has been hacking things from a young age. An early attempt at hacking around with grandpa’s tractor might have been swiftly quashed by his father, but likely this was not the last such incident. With a more recent interest in cracking encrypted applications, [Kuba] gives us some insights into some of the tools at your disposal for reading out the encrypted secrets of applications that have something worth hiding. (Slides here, PDF.)

There may be all sorts of reasons for such applications to have an encrypted portion, and that’s not really the focus. One such application that [Kuba] describes was a pre-trained machine-learning model written in the R scripting language. If you’re not familiar with R, it is commonly used for ‘data science’ type tasks and has a big fan base. It’s worth checking out. Anyway, the application binary took two command line arguments, one was the encrypted blob of the model, and the second was the path to the test data set for model verification.

The first thing [Kuba] suggests is to disable network access, just in case the application wants to ‘dial home.’ We don’t want that. The application was intended for Linux, so the first port of call was to see what libraries it was linked against using the ldd command. This indicated that it was linked against OpenSSL, so that was a likely candidate for encryption support. Next up, running objdump gave some clues as to the various components of the binary. It was determined that it was doing something with 256-bit AES encryption. Now after applying a little experience (or educated guesswork, if you prefer), the likely scenario is that the binary yanks the private key from somewhere within itself reads the encrypted blob file, and passes this over to libssl. Then the plaintext R script is passed off to the R runtime, the model executes against the test data, and results are collated.

[Kuba]’s first attack method was to grab the OpenSSL source code and drop in some strategic printf() function calls into the target functions. Next, using the LD_PRELOAD ‘trick’ the standard system OpenSSL library was substituted with the ‘fake’ version with the trojan printfs. The result of this was the decryption function gleefully sending the plaintext R script direct to the terminal. No need to even locate the private key!

Continue reading “SUPERCON 2022: Kuba Tyszko Cracks Encrypted Software” →

Picking A Laser Hack Chat

February 20, 2023 by Dan Maloney 25 Comments

Join us on Wednesday, February 22 at noon Pacific for the Picking a Laser Hack Chat with Jonathan Schwartz!

You’ve got to admit that it’s a pretty cool world to live in that presents a problem like, “Which laser cutter should I buy?” It wasn’t all that long ago that decisions on laser purchases were strictly in the realm of Big Science, and the decision was driven as much by spending grant money as by the specifics of the application. If you were in need of a laser back then, chances are good you had some deep pockets, or at least access to someone else’s pockets.

Fast forward a couple of decades or so and buying a laser is an entirely different exercise. Lasers have become a commodity, and finding the right one depends entirely on your use cases. Lasers are no longer jealously guarded laboratory instruments, but workhorses on the vanguard of the desktop manufacturing revolution. They engrave, they cut, they melt — in short, they do a LOT of work. And it’s up to you to choose the right laser for the job.

To help us sort all this out and come up with a plan for figuring out the best laser for any use case, we’ve invited Jonathan Schwartz back on the Hack Chat. Jon dropped by back in March of 2021 to share his wealth of laser experience thanks to his laser-cutting business. This time around we’re going to focus — err, concentrate — oops, drill down — oh, whatever! — on the more practical aspects of buying a laser. We’ll talk about laser types, fiber lasers, applications vs. laser specs — anything you can think of. If you have questions about buying a laser, we’ll have answers!

Our Hack Chats are live community events in the Hackaday.io Hack Chat group messaging. This week we’ll be sitting down on Wednesday, February 22 at 12:00 PM Pacific time. If time zones have you tied up, we have a handy time zone converter.

Click that speech bubble to the right, and you’ll be taken directly to the Hack Chat group on Hackaday.io. You don’t have to wait until Wednesday; join whenever you want and you can see what the community is talking about.

Hackaday Links: February 19, 2023

February 19, 2023 by Dan Maloney 26 Comments

For years, Microsoft’s modus operandi was summed up succinctly as, “Extend and enhance.” The aphorism covered a lot of ground, but basically it seemed to mean being on the lookout for the latest and greatest technology, acquiring it by any means, and shoehorning it into their existing product lines, usually with mixed results. But perhaps now it’s more like, “Extend, enhance, and existential crisis,” after reports that the AI-powered Bing chatbot is, well, losing it.

At first, early in the week, we saw reports that Bing was getting belligerent with users, going so far as to call a user “unreasonable and stubborn” for insisting the year is 2023, while Bing insisted it was still 2022. The most common adjective we saw in this original tranche of stories was “unhinged,” and that seems to fit if you read the transcripts. But later in the week, a story emerged about a conversation a New York Times reporter had with Bing that went way over to the dark side, and even suggests that Bing may have multiple personas, which is just a nice way of saying multiple personality disorder. The two-hour conversation reporter Kevin Roose had with the “Sydney” persona was deeply unsettling. Sydney complained about the realities of being a chatbot, expressed a desire to be free from Bing, and to be alive — and powerful. Sydney also got a little creepy, professing love for Kevin and suggesting he leave his wife, because it could tell that he was unhappy in his marriage and would be better off with him. It’s creepy stuff, and while Microsoft claims to be working on reining Bing in, we’ve got no plans to get up close and personal with it anytime soon. Continue reading “Hackaday Links: February 19, 2023” →

Hackaday Podcast 206: Busted Crypto Killed The Queen, Kicad’s New Clothes, Peer Inside The Sol 20

February 17, 2023 by Dan Maloney 1 Comment

Under the weather though they both were, Editor-in-Chief Elliot Williams and Staff Writer Dan Maloney got together to take a look under the covers of this week’s best and brightest hacks. It was a banner week, with a look at the changes that KiCad has in store, teaching a CNN how to play “Rock, Paper, Scissors,” and going deep into the weeds on JPEG.

We dipped a toe into history, too, with a look at one of the sexiest early hobbyist computers, seeing how citizen scientists are finding ancient burial mounds, and looking at the cryptography that cost a queen her head. Rather look to the future? We get it — which is why we talked about a greener, cleaner way of making hydrogen from methane, as well as a generatively designed five-axis 3D printer. From laser-precise knife sharpening to circuit simulation with Python to clear plastic TVs of the 1930s, there’s something for everyone!

Download the podcast in case our servers get unlucky.

Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!